-
-
Save TomMaddox/6382304 to your computer and use it in GitHub Desktop.
public static boolean validateKeyFile(File fileHandle) { | |
final int fileSizeLimitKB = 8; | |
if (fileHandle.length() > fileSizeLimitKB * 1024) { | |
return false; | |
} | |
try { | |
InputStream is = new FileInputStream(fileHandle); | |
BufferedReader reader = new BufferedReader(new InputStreamReader(is)); | |
char[] header = new char[37]; | |
reader.read(header, 0, 37); | |
reader.close(); | |
if(String.valueOf(header).contains("-----BEGIN RSA PRIVATE KEY-----")) { | |
return true; | |
} | |
if(String.valueOf(header).contains("-----BEGIN DSA PRIVATE KEY-----")) { | |
return true; | |
} | |
if(String.valueOf(header).contains("-----BEGIN PRIVATE KEY-----")) { | |
return true; | |
} | |
if(String.valueOf(header).contains("-----BEGIN ENCRYPTED PRIVATE KEY-----")) { | |
return true; | |
} | |
} catch (FileNotFoundException e) { | |
Log.e(TAG, "File not found"); | |
return false; | |
} catch (IOException e) { | |
Log.e(TAG, "Not a textfile"); | |
return false; | |
} | |
return false; | |
} |
Can I have some help OPENSSH PRIVATE KEY
@TomMaddox Can we get OPENSSH?
Can we add -----BEGIN OPENSSH PRIVATE KEY-----
As they commented above, can we add "-----BEGIN OPENSSH PRIVATE KEY-----"?
USE -m PEM to ssh-keygen to generate the "BEGIN RSA KEY" type key i.e: https://serverfault.com/questions/939909/ssh-keygen-does-not-create-rsa-private-key
Use termius. It works
yes, please add -----BEGIN OPENSSH PRIVATE KEY-----
, after deleting the OPENSSH
part of the opening and closing lines the key works.
I had been struggling with this import process, as well, not fully grasping what was acceptable to JuiceSSH; which encryption, key strengths, et cetera. A few tweaks should allow users to work around/through the difficulties using "commonly" generated -----BEGIN OPENSSH PRIVATE KEY-----
2048/4096-bit RSA keys (do NOT use 1024-bit, as these are not nearly strong enough, and haven't been in more than a decade). This appears to be the issue encountered most in this thread.
SOURCE: JuiceSSH authentication FAQ.
Once you have confirmed the aforementioned settings are correct in your /etc/ssh/sshd_config file (et al), proceed with the following:
- Backup your current id_rsa private key:
mv ~/.ssh/id_rsa ~/.ssh/id_rsa.BAK
- Then proceed to use @chmouel suggested method to convert your PuTTY / OpenSSH keys for use with JuiceSSH to the old PEM format:
ssh-keygen -p -m PEM -f ~/.ssh/id_rsa
(this step may fail if you don't have permissions to overwrite your current private key, so be certain you've performed the previous step!) - Lastly, copy the just converted (old) PEM format private key file to your mobile device using your preferred secure file transfer method (or simply the concatenate the text using
cat ~/.ssh/id_rsa
and migrate this output to JuiceSSH). The app should now be able to automatically import your private keys using Smart Search.
I'm sorry this doesn't help those of us trying to use elliptic-curve / EdDSA / ED25519 keys (yet). Hopefully @TomMaddox will be able to hook that up in the not too distant future. Thank you, please drive thru.
@BoBBer446
I second that comment. Tried everything until I wound up here and realized my ED25519 key wasn't going to work.